xp_ssl.c

Mateusz Kocielski Sat, 12 Nov 2011 02:37:15 -0800

shm                                      Sat, 12 Nov 2011 10:36:55 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=319095


Log:
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
  ssl_handle of session_stream is not initialized.

Changed paths:
    U   php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c
    U   php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c

Modified: php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c   2011-11-12 08:57:13 UTC 
(rev 319094)
+++ php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c   2011-11-12 10:36:55 UTC 
(rev 319095)
@@ -406,6 +406,8 @@
        if (cparam->inputs.session) {
                if (cparam->inputs.session->ops != &php_openssl_socket_ops) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied 
session stream must be an SSL enabled stream");
+               } else if 
(((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle 
== NULL) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied 
SSL session stream is not initialized");
                } else {
                        SSL_copy_session_id(sslsock->ssl_handle, 
((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle);
                }

Modified: php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c
===================================================================
--- php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c   2011-11-12 08:57:13 UTC 
(rev 319094)
+++ php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c   2011-11-12 10:36:55 UTC 
(rev 319095)
@@ -406,6 +406,8 @@
        if (cparam->inputs.session) {
                if (cparam->inputs.session->ops != &php_openssl_socket_ops) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied 
session stream must be an SSL enabled stream");
+               } else if 
(((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle 
== NULL) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied 
SSL session stream is not initialized");
                } else {
                        SSL_copy_session_id(sslsock->ssl_handle, 
((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle);
                }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/ PHP_5_3/ext/openssl/xp_ssl.c PHP_5_4/ext/openssl/xp_ssl.c

Reply via email to